Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:22.02.2011
Source:
SecurityVulns ID:11446
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:VANILLAFORUMS : Vanilla Forums 2.0
 DRUPAL : Drupal 6.20
 GDSTARRATING : GD Star Rating 1.9
 COMMENTRATING : Comment Rating 2.9
 STARBOXVOTING : Starbox Voting 2.0
 VOTEITUP : Vote It Up 1.2
 WORDPRESS : Z-Vote 1.1
 CDNVOTE : cdnvote 0.4
 WSNGUEST : WSN Guest 1.24
Original documentdocumentAliaksandr Hartsuyeu, www.eVuln.com : "time" SQL Injection vulnerability in WSN Guest (22.02.2011)
 documentAliaksandr Hartsuyeu, www.eVuln.com : "wsnuser" Cookie SQL Injection vulnerability in WSN Guest (22.02.2011)
 documentHigh-Tech Bridge Security Research, HTB22845: SQL Injection in cdnvote wordpress plugin (22.02.2011)
 documentHigh-Tech Bridge Security Research, HTB22844: XSS in GD Star Rating wordpress plugin (22.02.2011)
 documentHigh-Tech Bridge Security Research, HTB22841: SQL Injection in Comment Rating wordpress plugin (22.02.2011)
 documentHigh-Tech Bridge Security Research, HTB22839: SQL Injection in Z-Vote wordpress plugin (22.02.2011)
 documentHigh-Tech Bridge Security Research, HTB22838: Path disclosure in Vote It Up wordpress plugin (22.02.2011)
 documentHigh-Tech Bridge Security Research, HTB22840: Path disclosure in Starbox Voting wordpress plugin (22.02.2011)
 documentHigh-Tech Bridge Security Research, HTB22842: Path disclosure in Comment Rating wordpress plugin (22.02.2011)
 documentHigh-Tech Bridge Security Research, HTB22843: Path disclosure in GD Star Rating wordpress plugin (22.02.2011)
 documentYGN Ethical Hacker Group, Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability (22.02.2011)
 documentMustLive, Brute Force и Abuse of Functionality уязвимости в Drupal (22.02.2011)
 documentMustLive, Abuse of Functionality уязвимости в Drupal (22.02.2011)
 documentMustLive, Denial of Service vulnerability in Megapolis.Portal Manager (22.02.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod